-
Notifications
You must be signed in to change notification settings - Fork 28
/
converger.go
75 lines (62 loc) · 1.97 KB
/
converger.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
package converger
import (
"fmt"
"time"
"vxlan-policy-agent/enforcer"
"code.cloudfoundry.org/lager"
)
//go:generate counterfeiter -o fakes/planner.go --fake-name Planner . Planner
type Planner interface {
GetRulesAndChain() (enforcer.RulesWithChain, error)
}
//go:generate counterfeiter -o fakes/rule_enforcer.go --fake-name RuleEnforcer . ruleEnforcer
type ruleEnforcer interface {
EnforceRulesAndChain(enforcer.RulesWithChain) error
}
//go:generate counterfeiter -o fakes/metrics_sender.go --fake-name MetricsSender . metricsSender
type metricsSender interface {
SendDuration(string, time.Duration)
}
type SinglePollCycle struct {
Planners []Planner
Enforcer ruleEnforcer
MetricsSender metricsSender
Logger lager.Logger
ruleSets map[enforcer.Chain]enforcer.RulesWithChain
}
const metricEnforceDuration = "iptablesEnforceTime"
const metricPollDuration = "totalPollTime"
func (m *SinglePollCycle) DoCycle() error {
if m.ruleSets == nil {
m.ruleSets = make(map[enforcer.Chain]enforcer.RulesWithChain)
}
pollStartTime := time.Now()
var enforceDuration time.Duration
for _, p := range m.Planners {
ruleSet, err := p.GetRulesAndChain()
if err != nil {
return fmt.Errorf("get-rules: %s", err)
}
enforceStartTime := time.Now()
oldRuleSet := m.ruleSets[ruleSet.Chain]
if !ruleSet.Equals(oldRuleSet) {
m.Logger.Debug("poll-cycle", lager.Data{
"message": "updating iptables rules",
"num old rules": len(oldRuleSet.Rules),
"num new rules": len(ruleSet.Rules),
"old rules": oldRuleSet,
"new rules": ruleSet,
})
err = m.Enforcer.EnforceRulesAndChain(ruleSet)
if err != nil {
return fmt.Errorf("enforce: %s", err)
}
m.ruleSets[ruleSet.Chain] = ruleSet
}
enforceDuration += time.Now().Sub(enforceStartTime)
}
pollDuration := time.Now().Sub(pollStartTime)
m.MetricsSender.SendDuration(metricEnforceDuration, enforceDuration)
m.MetricsSender.SendDuration(metricPollDuration, pollDuration)
return nil
}